Fixes ging/fiware-idm#53

Issue on OAuth2 tokens validation
ging · May 9, 2016 · b78fed7 · b78fed7
1 parent 086105f
commit b78fed7
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/keystone/contrib/roles/controllers.py b/keystone/contrib/roles/controllers.py
@@ -13,6 +13,7 @@
 # under the License.
 
 import itertools
+import datetime
 
 from keystone import exception
 from keystone.common import controller
@@ -414,6 +415,9 @@ def validate_oauth2_token(self, context, token_id):
             # We validate the token but no user info is provided
             return {
             }
+
+        if not token['valid'] or datetime.datetime.strptime(token['expires_at'], '%Y-%m-%d %H:%M:%S') < datetime.datetime.today():
+            raise exception.Unauthorized
 
         user = self.identity_api.get_user(token['authorizing_user_id'])